Stream Security announces Cloud Twin cloudsecops platform
November 14: Stream Security (formerly Lightlytics) has introduced three new features for its Cloud Twin engine, a cloud security operations (cloudsecops) platform that can help detect and investigate threats and exposures in cloud environments. The company claims it can now map cloud dependencies in real time rather than periodically, allowing security and operations teams to better cooperate to address security gaps.
The new features, which will be automatically available to existing customers, are:
- Azure integration: Cloud Twin now supports Microsoft Azure, which Stream Security claims allows it to model all the possible paths and traffic between different cloud platforms.
- Vulnerability correlation: The platform can help security teams prioritize efforts by correlating vulnerabilities with their exploitability level.
- Threat anomaly detection: Cloud Twin now has threat anomaly detection capabilities to identify malicious behavior and unauthorized access.
Kasada launches KasadaIQ attack prediction services
November 14: Threat detection and management firm Kasada has launched a new attack prediction platform designed to counter bot fraud. The KasadaIQ suite debuted with its first service, KasadaIQ for Fraud, with plans to add more capabilities in the future.
KasadaIQ for Fraud is designed to provide businesses with insight into how bots target digital channels and customer data by offering visibility into non-traditional data sources and adversary communities through the “capability to detect attacks before they happen and confirm threats that would otherwise go undetected,” the company said.
Core functions of KasadaIQ for Fraud include:
- Unconventional sourcing: Kasada monitors activity within non-traditional sources, including resale marketplaces, fraud groups, proxy providers, account generation groups, and hosting providers.
- Early warnings: Kasada’s analysts first identify and vet current and emerging threats within its data system, then send out advance alerts.
- Bot acquisition and analysis: Kasada secretly purchases bots in circulation and extensively analyzes how they work.
- Stolen credential analysis: Kasada purchases and evaluates stolen credential sets from criminal marketplaces to help the customer remedy security gaps and online fraud.
- Dedicated analyst hours: Customers receive a set amount of analyst hours for Kasada to investigate what’s most relevant to their needs, such as intel on fraud groups or reverse-engineering attacks.
- Professional services: Kasada will scope custom requirements and provide expert guidance on how to best achieve the desired outcomes.
Cycode debuts ConnectorX with application security posture management capability
November 14: Application security posture management (ASPM) provider Cycode has launched its click-and-consume third-party ASPM connector platform ConnectorX and announced significant enhancements to its risk intelligence graph (RIG) for risk-based prioritization. The platform aims to foster improved collaboration between security and development teams. It includes more than 40 software development lifecycle integrations, including the introduction of support for Wiz and Black Duck.
The Cycode platform gives companies the choice to use its native ASPM tools or maximize investments in their existing AppSec tools. Companies can plug in any AppSec solution and “within minutes” gain accurate, real-time visibility into their security posture, according to the company.
DirectDefense ThreatAdvisor 3.0 aims to streamline security operations with SOAR technology
November 14: Information security services company DirectDefense has launched ThreatAdvisor 3.0, a major update to its proprietary security orchestration, automation, and response (SOAR) platform. ThreatAdvisor 3.0 is designed to improve the speed, efficiency, and accuracy of DirectDefense’s Security Operations Center (SOC), the company said in a press release.
The platform offers customized continuous security monitoring and management, automates manual processes, and includes an extensive knowledge base for compliance, security events and mitigation strategies. ThreatAdvisor 3.0 integrates with other solutions to provide a single interface for threat management with more data and better context, the company claims. The platform collects and processes vulnerability and asset data from multiple sources and compiles them into a holistic view of an organization’s security posture, supporting penetration testing, operational technology (OT) and industrial control systems (ICS) assessments, vulnerability management, managed detection and response (MDR), compliance assessments, and enterprise risk management.
Lacework Code Security expands coverage to full application lifecycle
November 14: Cloud security firm Lacework has added the Code Security product to its infrastructure-as-code (IaC) suite to unify code and cloud security with the aim of allowing enterprises to innovate and deliver secure cloud-native applications with increased speed.
Lacework Code Security introduces two forms of static program analysis: software composition analysis (SCA) targeted at third-party code in customers’ repositories, and static application security testing (SAST) targeting first-party code. The Lacework platform now encompasses code as it is written, infrastructure as code, containers, identity and entitlement management, and runtime across clouds.
Lacework added that customers will have access to always-up-to-date software bills of materials (SBOMs) for every application and continuous visibility into their software supply chain, as well as an understanding of open-source license risk.
Palo Alto Networks updates Cortex XSIAM
November 13: Palo Alto Networks has announced Cortex XSIAM 2.0, an updated version of its existing product that now has a command center, MITRE ATT&CK Coverage Dashboard and bring your own ML (BYOML) among other updates.
The new features are:
- XSIAM Command Center: With a more user-friendly design, XSIAM Command Center offers a comprehensive overview of SOC operations, including visibility into all data sources being consumed by XSIAM, security alerts and incident information, such as the number of resolved or open security incidents.
- MITRE ATT&CK Coverage Dashboard: This is designed to allow mapping coverage directly to MITRE ATT&CK, providing detailed visibility of detection and prevention coverage across tactics and techniques in the MITRE ATT&CK framework.
- Bring your own ML: For organizations that want to build their own custom ML model, XSIAM ingests full security data across hundreds of supported sources to enable better out-of-the-box AI/ML analytics. SOCs can use this to create and customize ML models as well as integrate their own models.
- Contextual in-product help assistant: Access to product help and documentation without the need to navigate out of the product.
- New security protection: Improve detection and protection coverage capabilities with new modules for early detection of threats targeting macOS ransomware, Kubernetes (K8s) and master boot records (MBRs).
- Network detection (NDR) coverage: Expand the network coverage of the endpoints with over 50 new detectors covering generic and specific protocol-based threat detection.
- Advanced Local Analysis for macOS and Linux: Provides enhanced coverage for local analysis of macOS and Linux file systems, leveraging ML models to provide accurate and adaptive responses to evolving threats.
- Free text search: A simplified search that allows analysts to query the entire security data set, without the need to craft specific XQL queries.
- New attack surface management (ASM) policies: New ASM policies added to the existing library of over 700 policies.